
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?php require("sv/configsv.php");
if($_GET['code'])
{
	$get_username = $_GET['username'];
	$get_code = $_GET['code'];
	
	$query = mysql_query("select* from  register where username = '$get_username'");
	while($row = mysql_fetch_assoc($query))
	{
		$db_code = $row['passreset'];
		$db_username = $row['username'];	
	}
	if($get_username == $db_username && $get_code == $db_code)
	{
		echo "
		<form action='pass_rest.php?code=$get_code' method='post'>
			Pass new: <input type='password' name='newpass' /><p></br>
			lap lai: <input type='password' name ='newpass1'/></p></br>
			<input type='hidden' name ='username' value='$db_username'/></p></br>
			<input type='submit' value='Update pass ' name='submit' />
		</form>
		";
	}
}
if(!$_GET['code'])
{
	

echo"
		<form action='forgot_pass.php' method='post'>
		Username: <input type='text' name='username' /><p></br>
		Email : <input type='email' name ='email'/></p></br>
		<input type='submit' value='submit' name='submit' />
		</form>";
		
		if(isset($_POST['submit']))
		{
			$username = $_POST["username"];
			$email =    $_POST["email"];
			
			$query = mysql_query("select* from register where username = '$username'");
			$numrow = mysql_num_rows($query);
			if($numrow !=0)
			{
				while($row = mysql_fetch_assoc($query))
				{
					$db_email =  $row["email"];
				}
				if($email == $db_email)
				{
					$code = rand(10000,100000);
					$to = $db_email;
					$subject = "Pass Reset";
					$body = "
					Resr padd weffsd  click link : http://localhost/bdu1/daotao/sinhvien/forgot_pass.php?code=$code&username=$username";
					
					mysql_query("update register set passreset = '$code'  where usename = '$username'");
					mail($to,$subject,$body);
					echo "Cheok mail";
				}
				else
				{
					echo "email ko đúng	";
				}
			}
			else
			{
				echo " đăng nhập thất bại";
			}
		}
}
 ?>
</body>
</html>